I have a django application for which i wrote an ActiveDirectoryAuthBackend
, based on this snippet (it uses python-ldap).
It works fine most of the time.
Now it happens that some users have non-ASCII characters in their domain passwords, which leads to authentication failure, because of an encoding coercion going bad in the simple_bind_s(username, password)
function.
Actually, the password value that django passes is a unicode. So I guess I would need to encode this unicode before passing it to simple_bind_s
, thus avoiding a failing default encoding translation.
But I have no clue as for what encoding to use. The password server is a Microsoft Active Directory.
Any idea?
Cheers.
O.
After some tests and reading users' CN containing non ASCII characters, I've found that the most probable encoding for my domain is "latin-1".
A good way to check credentials would look like:
class ActiveDirectoryAuthBackend(backends.ModelBackend):
def authenticate(self, username=None, password=''):
try:
from django.contrib.auth.model import User
user = User.objects.get(username=username):
except User.DoesNotExist:
return None
from django.conf import settings
import ldap
con = ldap.initialize('ldap://{0}'.format(settings.get('LDAP_SERVER', None)))
con.set_option(ldap.OPT_REFERRALS, 0)
try:
con.simple_bind_s(username, password.encode('latin1'))
return user
exceot ldap.INVALID_CREDENTIALS:
return None
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.